cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
wongea
Explorer
Member since: ‎02-13-2013
‎02-17-2021
Community Statistics
Posts 6
Solutions 1
Karma Given 0
Karma Received 6
Member Since ‎02-13-2013
Activity Feed
View All

Qualys reporting vulnerabilities on splunk port 80...

by in Security
‎02-16-2021 10:52 AM
‎02-16-2021 10:52 AM
Hello, Qualys scans in our environment reporting issues on SSL and TLSv1.0, TLSv1.1. We are able to fix the TLS ones, not sure how to fix the below SSL ones. Please let me know if any one has any ideas. SSL/TLS Compression Algorithm Information Leakage Vulnerability Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32) SSL Certificate - Expired SSL Certificate - Self-Signed Certificate SSL Certificate - Subject Common Name Does Not Match Server FQDN SSL Certificate - Signature Verification Failed Vulnerability   Thank you. ... View more
Labels

Re: Splunk DB Connect: How to resolve dbxquery err...

by in All Apps and Add-ons
‎11-17-2016 11:08 AM
3 Karma
‎11-17-2016 11:08 AM
3 Karma
Try updating to DB Connect 2 version 2.4.0. I was running DB Connect 2 version 2.3.4. I was getting the same error of a 30 second timeout until I upgraded to version 2.4.0. Now the query works fine and I don't see the 30 second timeout. I was also get this 30000ms timeout message in my dbx2.log for cronned Splunk DB searches. The query would work fine in the DB Connect, Search tab, but it wouldn't work as a cronned search. I would get a blank email with no query results and I would see the 30000ms timeout in the dbx2.log. The fix was adding "maxWaitMillis = 60000" in the /etc/apps/splunk_app_db_connect/local/db_connections.conf to the specific DB connection you are trying to run it on. ... View more

Re: How to search Apache access_log data to find b...

by in Splunk Search
‎06-22-2016 03:26 PM
1 Karma
‎06-22-2016 03:26 PM
1 Karma
Hope this helps you. Apache access_log sample: 127.0.0.1 - - [22/Jun/2016:15:19:48 -0700] "GET /uri/sample/path HTTP/1.1" 200 20 15515 I created an extracted field called apache_byte_size on the second column from the very right. In this example the number of bytes = 20. I change the search to the time frame that I want. Sample Splunk search: index=apache host=hostname sourcetype=access_log | stats sum(apache_byte_size) ... View more

How do I measure CPU usage on *nix TA on Solaris b...

by in All Apps and Add-ons
‎05-08-2014 01:56 PM
2 Karma
‎05-08-2014 01:56 PM
2 Karma
Hi. I'm testing the *nix TA on a Solaris 10 LDOM. I enabled the cpu.sh in the inputs.conf and I'm getting the data reported per CPU thread. I have 120 CPU threads on my Solaris LDOM that are being reported and there is a CPU=all field. My box is using about 5% CPU used, 95% CPU idle as shown in a top command. When I do a Splunk search I see all 120 threads and an "all" thread with the percent idle. The "all" entry shows percent idle as 99% while thread 0 has like 95% idle which accurately represents the amount of work the actual server is doing. How would you handle a situation where you wanted to graph how much CPU was used in a time range? I think the 95% idle is accurate from the top command to show for the time range instead of the all value showing 99%. How come the "all" value doesn't show 95% idle? Search: index="os" host="hostname" source="cpu" Thank you for helping me understand how this CPU TA is supposed to work. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎02-17-2021 05:33 AM
Karma from